social engineering

It has been a couple of weeks since the Google Docs hoax spread across the Internet like wildfire. What have we learned about this exploit?

Originally this appeared to be a phishing campaign, but phishing emails are spoofed clever replicas. These emails were the genuine article, and were sent from Google mail servers, from the hijacked Google accounts of people you were likely to know. This made the exploit difficult to detect, ...